RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Description of problem:
When gs is run to read a file from stdin, it adds an error to the output file. This makes the postscript file invalid and unusable.

Version-Release number of selected component (if applicable):
ghostscript-9.07-31.el7_6.6

How reproducible:
Always

Steps to Reproduce:
1. cat in.pdf | gs -q -dNOPAUSE -dBATCH -P- -dSAFER -sDEVICE=ps2write -sOutputFile=- -c save pop -f - > out.ps
2.
3.

Actual results:
GPL Ghostscript 9.07: Unrecoverable error, exit code 1

The out.ps file starts with the following lines:
Error: /invalidfileaccess in --run--
Operand stack:
   (/tmp/gs_Mjcxno)
Execution stack:
   %interp_exit   .runexec2   --nostringval--   run   --nostringval--   2   %stopped_push   --nostringval--   run   run   false   1   %stopped_push   1907   1   3   %oparray_pop   1906   1   3   %oparray_pop   1887   1   3   %oparray_pop
Dictionary stack:
   --dict:938/1684(ro)(G)--   --dict:1/20(G)--   --dict:77/200(L)--
Current allocation mode is local
%!PS-Adobe-3.0
%%BoundingBox: 0 0 172 65
%%HiResBoundingBox: 0 0 172.00 65.00


Expected results:
The out.ps file should be valid.

Additional info:

Also, gs lefts temporary files in /tmp with names something like gs_Mjcxno.

Thank you very much for reporting this problem!


I can reproduce the same.

Responsible patch:

ghostscript-cve-2018-16539.patch

This problem is known to us already:

Bug 1661210 - ghostscript: Regression: pdf2ps reports an error when reading from stdin (Error: /invalidfileaccess in --run--)

TEMPORARY WORKAROUND:

- either pass the input file as command line argument instead of letting it be read through stdin
- or ignore the error (the error doesn't look to be influencing contents of the resulting output file)
- or downgrade to ghostscript-9.07-31.el7
- or temporarily remove '-dSAFER' from /usr/bin/pdf2ps

Going to close this BZ as DUPLICATE.

*** This bug has been marked as a duplicate of bug 1661210 ***